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J2 (57) Abstract: A system and method for facilitating the authentication of wireless devices in an environment with multiple wireless 



networics. A user wishing to join an operating wireless network can bring his wireless device (430) within close physical proximity, 
for example, less than one meter, of a device (410) in the network (402) that he wishes to join. The user then presses an authenticate 
button, which causes both devices (410 and 430) to enter a low transmission power mode. In such case, the devices (410 and 430) 
are only capable of operation within the close proximity. Being in low power mode will diminish the possibility of eavesdropping 
on the authentication process. Power down mode also reduces the amount of message traffic in the area and saves scarce power 
and processing resources at the nodes, which are now out of range. Authentication then takes place in low power mode and once 
completed, both devices resume normal power levels and continue communicating normally. 
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TITLE: WIRELESS DEVICE AUTHENTICATION AT MUTUAL REDUCED 
TRANSMIT POWER 



5 1. FIELD OF THE INVENTION 

The presCTit invention relates to wireless commimications; and more particularly to 
wireless network conmnmications. 
2. BACKGROUND OF THE INVENTION 



10 rise rq)idly all over the world. Not only are mobile phones very popular, but there is also a 
demand for wireless networking devices. One standard for wireless networking, which has 
been widely accepted, is the Specification of the Bluetooth System, v. 1.0 (**Bluetooth 
Specification"). The Bluetooth Specification continues to evolve and subsequent versions are 
expected to be available. 

IS The Bluetooth Specification enables the creation of small personal area networks 

OPAN's), where the typical operating range of a device is 100 meters or less. In a Bluetooth 
system, the wireless Bluetoofli devices sharing a common channel form a piconet. Two or 
more piconets co-located in the same area, with or without inter-piconet communications, is 
known as a scattemeL It is anticipated that as piconets are setup there could be several 

20 piconets operating in the same area as a scattemet, but not necessarily linked together. 

The need to have security procedures in wireless networks has led to security, 
encryption and authentication procedures and protocols being incorporated as part of the 
Bluetooth Specification, in Volume 1, part B, Section 14: Bluetooth Security, of the 
Specifications of the Bluetooth System, v. 1.0, as referenced above. 

25 When a wireless Bluetooth device tries to coimect to a particular piconet, it must go 

through an authentication process, where a user that is part of that piconet, allows the guest to 
join the piconet. Typical wireless networit device such as computers, personal digital 
assistants (PDAs) and mobile phones, have a display and a keyboard that facilitate the 
authentication process. When a user with a mobile phone enters into the opiating range of a 

30 piconet, he will get a message telling what piconet, with a particular ID, he has just entered 
and he can signal his intuition to join that piconet by pressing the ^propriate key on his 
keypad. When he presses the appropriate key, he will start the process of joining that 
piconet 



SPECIFICATION 



The number and popularity of wireless communications devices in use continues to 
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Whm the guest eatered into range of the piconet, his PIN was sent to and received by 
the devices in the piconet. His PIN can thrai be shown on the displays of the devices in the 
piconet. A user in the piconet can then respond to the guest's request and he can accept or 
deny the guest's request to join that piconet Eavesdropping during the registration process 
5 makes Bluetooth devices particularly vulnerable to security breaches. 

When a guest enters an area with several operating piconets, his display will show 
him the DD's of the piconets he has discovered. The guest can then choose which piconet to 
join using his keypad But when the guest has a minimal user interface, such as a wireless 
headset, he has not ability to signal his choice of which piconet to join. In such case, the 
1 0 headset may be paired to work only with a paired device. This paired device may also have a 
limited user interfece, and not have a display or keypad. 

There is a need for a system, protocol and procedure to enable wireless devices, such 
as headsets, to join a particular piconet There is also a need to improve security by reduce 
the possibility of eavesdropping on the authentication process. There is also a need to avoid 
1 S burdening nearby nodes with the extra traffic caused by auth^tication. 

SUMMARY OF THE INVENTION 

Operation according to the present invention enables wireless devices to select and 
join a particular wireless network with minimal usor interaction and with ease in selection of 

20 the network. According to the present invention, after selection of a network and request for 
admission to the network, reduced power operations are performed during corresponding 
authentication operations. Reduced power authentication operations ensure that admission to 
the selected network is attempted and not with a different network. Further, the reduced 
power operations minimize the ability of eavesdropping devices to intercept authentication 

25 information s 

One technique for implementing these reduced power authentication operations is to 
first select a master device of the wireless network for the purpose of requesting a connection 
to the wireless network. With the master device selected, a user places the new device a 
distance firom the master device of the wireless network. This reduced distance is 

30 substantially less than the maximum operating range of the devices. The new device then 
sends a message to the master device that requests that the new device join the wireless 
network. Upon receipt of this message, both the new device and flie master device reduce 
their radio frequency power outputs to a power level sufficient to maintain radio 
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conumimcations between the devices at fbe reduced distance. The new device then processes 
the request, approves the request, and authenticates flie new device into the wireless network. 
Once these opwations are complete, ttie new device and the master device inarease flieir the 
radio frequency power outputs to nonnal power levels. 

5 Using this operating technique, a user of a wireless device having a minimal (or no) 

user interface, e.g., a wireless headset, may easily select a particular network. With the 
master device and the new device reducing their transmit power during the joining 
operations, joining a desired network is substantially guaranteed. Further, with the reduced 
power operations of the present invention, minimal user input is required for the joining 

10 operations. Moreover, when multiple networks are present, e.g., a scattemet, the user of the 
new device may easily select a desired network from a plurality of networks having 
overlapping coverage area. 

Other features and advantages of flie present invention will become apparent from the 
following detailed description of the invention made wifli reference to the accompanying 

IS drawings. 



BRIEF DESCRIPTION OF THE DRAWINGS 

Figure 1 illustrates in a block diagram, a point-to-point network betwe» two wireless 
devices; 

20 Figure 2 illustrates in a block diagram, a point to multipoint network among a 

plurality of wireless devices; 

Figure 3 illustrates in a block diagram, a scattemet that includes multiple piconets 
with overlapping coverage; 

Figure 4 is a system diagram illustrating a scattemet in which one operation according 
25 to the present invention is performed; 

Figure 5 is a logic diagram illustrating op^ation according to the present invention; 

and 

Figure 6 is a block diagram generally illustrating the structure of a wireless device 
constmcted according to the present invention. 

30 

DETAILED DESCRIPTION 

Figure 1 illustrates a network 10 that includes two wireless devices 102-1 and 102-2. 
Network 10 is, for example, a wireless Bluetooth point-to-point piconet where wireless 
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device 102-1 is a master Bluetooth system and wireless device 102-2 is a slave Bluetooth 
system, where the master 102-1 and slave 102-2 share the same channel. The point-to-point 
network 10 described with reference to Figure 1 need not include Bluetooth devices 102-1, 
102-2, but, rather, may comprise any type of wireless device. These wireless devices 102-1 
5 and 102-2 may include digital computers, computer peripherals such as printers, scanners, 
mice, keyboards, etc., personal data assistants (PDAs), wireless telephones, wireless headsets, 
and other wireless devices. 

Figure 2 illustrates a network 20 that includes a plurality of wireless devices 102-1, 
102-2... 102-i ... 102-n (2 < i < n). Wireless network 20 is, for example, a point-to-multipoint 

10 Bluetooth picouet where wireless device 102-1 is a master Bluetooth system and wireless 
devices 102-2 tbrou^ 102-n are slave Bluetoodi systems and conmiunicate with the master 
Bluetooth system 102-1 over the same channel. In at least one embodiment, up to seven 
slaves can be active in the piconet 102. The number of active slaves supported in a piconet 
depends on many variables and design considerations. The point-to-point network of Figure 

15 2 need not include Bluetooth devices 102-1, 102-2, but, rather, may comprise any type of 
wireless device. 

In addition to the active slaves 102-2, 102-i through 102-n illustrated in Figure 2, a 
point-to-multipoint piconet 20 may include many additional slaves that can remain locked to 
the master 102-1 in a so-called '^parked" state. When a slave does not need to participate on 

20 the piconet channel, but still needs to remain synchronized to the channel it can enter the 
parked state. These parked slaves camot be active on the piconet channel, but still remain 
synchronized to the master. 

For both active and parked slaves in a single piconet 20 (or piconet 10 of Figure 1), 
the master 102-1 controls channel access. To this end, the master 102-1 switches control 

25 from one slave to another as it controls channel access within the piconet 20. The master 
102-1 identifies each slave through a unique network address assigned to each slave. When a 
transfer of information between two slaves in a piconet 10 is desired, the master 102-1 
coordinates point-to-point transmission between the two slaves. 

Referring to Figure 2, for instance, slave 102-2 could be a wireless personal digital 

30 assistant CTDA'*) device equipped with a Bluetooth system and slave 102-i could be a 
wireless cellular telephone equipped with a Bluetooth system. In such a case, the master 102- 
1 can coordinate commimications between two slaves 102-2, 102-i over the piconet channel 
to exchange, for instance, phone number information. To do so, the master 102-1 switches 
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focus between the first slave 102-2, commanding it to transmit phone number data to the 
master 102-1, and the second slave 102-i, commanding it to receive phone number data firom 
the master 102-1. This switch in focus is performed by the master &rou^ its storing and 
accessing context information regarding each slave in a relatively rapid succession. 
5 Figure 3, illustrates, for instance, a "scattemet", formed fiDm multiple piconets with 

overlapping cov^age. Bluetooth piconets 20, 31, 33, and 37 form part of the larg^ 
Bluetooth scattemet 30. Each piconet 20, 31, 33, and 37 has only a single master 102-1, 36, 
36, and 34 respectively. However, Figure 3 also illustrates that slaves can participate in 
multiple piconets on a time-division multiplex basis. For instance, in Figure 3, slave 32 

10 participates in two piconets: piconet 20 having master 102-1 and piconet 31 having master 
36. In addition, a master 34 in one piconet 33 can be a slave in another piconet 37. Further, 
a single Bluetooth system may serve as a master in two piconets, e.g., Bluetooth system 36 
serves as a master in both piconet 3 1 and piconet 37. 

Figure 4 is a system diagram illustrating a scattemet in which one operation according 

15 to the present invra^tion is performed. The scattemet of Figure 4 includes four separate 
piconets 402, 404, 406, and 408. Piconet 402 includes master (computer) 410, slave 412 
(PDA), and slave 414 (printer). Piconet 404 includes master 420 (computer), slave 422 
(PDA), and slaVe 423 (wireless phone). Piconet 406 includes master (computer) 416, slave 
418 (PDA), and slave 414 (printer). Piconet 408 includes master (computer) 424, slave 426 

20 (PDA), and slave 428 (wireless phone). The four separate piconets 402, 404, 406, and 408 
have overlapping coverage areas. In the embodimoit of Figure 4, all masters are shown to be 
computers because they will typically be stationary and have the processing capability to 
service a number of slaves. However, in otiher embodiments, the masters could be other 
devices as well. The scattemet of Figure 4 may service a call caiter, customer service 

25 department, or other ofGce mvironmrat, for example that benefits by the wireless 
interconnection of the iUnstrated devices. 

A user of wireless headset 430 desires to have flie wireless headset 430 join piconet 
402 (corresponding to his home computer). The wireless headset 430 has a minimal user 
interface, e.g., a single authenticate button that initiates joining of a piconet. However, the 

30 wireless headset 430, in its operating location, resides within the service coverage area of 
each of the four separate picjonets 402, 404, 406, and 408 that form the scattemet According 
to prior techniques, tihie user of the wireless headset 430 would have difficultly in selecting 
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the desired piconet 402 because of the minimal user interface components of the wireless 
headset 430. 

Thus, according to the present invention, when the wireless headset 430 enters (or 
powers up in) an area with more than one functioning piconet, the wireless headset 430 uses 
5 physical proximity, an authenticate button and a power down procedure to start the 
authentication process. The xiser of the wireless headset 430 physically approaches within 
close proximity, e.g., less than one meta:, the master 410 servicing the piconet 402 that he 
wishes to join. Then, the user presses the authenticate button, signaling his intention to join 
the particular piconet 402. 

10 Once the authenticate button has been pushed, both nodes, the master 410 and the 

slave 430 power down to a level that is usable within the one meter close proximity range. In 
the described embodiment, power down mode will work only if the distance between the 
devices is less than 1 meter. Power down mode increases the security of the authentication 
process, by minimizing message traffic, which could be received by other devices md other 

15 piconets. Power down mode increases the security of the authentication process, by 
preventuig most other devices m tiie area fix>m snooping or eavesdropping on the 
aufheatication process. Further, power down mode minimizes or eliminates any confusion 
regarding which piconet tiiat the user wishes to join. 

By minimizing air traffic during auth^tication, the other users and piconets have a 

20 better chance of maintaining stable communication. For example, if a piconet were hit with a 
lot of message traffic from users just walking by the piconet, scarce processing and power 
resources could be wasted in evaluating the new message traffic. This could bring regular 
traffic in the piconet to a standstill. Power down mode thus prevents the devices that are now 
out of range, from being disturbed by the authentication process. 

25 In one operation of the present invention, the user on the piconet 402 that is within 

close proxinodty will get a message on the display of the master 410. The message would 
typically display the PIN of flie guest 430 trying to join the piconet 402 along with a message 
stating his request to join. The user on the piconet 402 would then either allow or disallow 
the guest 430 attempting to join the piconet 420. 

30 Authentication granted by the process could be temporary or permanent When 

authentication is complete, then a conjSnning message can be seat to both devices. The 
wireless headset 430 user could receive a confirming tone to indicate completion of 
authenticatioa If authentication is not successful, that could also generate a message to one 
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or both of the devices 410 and 430. Once aufhenticalion is complete, then normal power 
mode can be resumed and the guest (wireless headset 430) is now part of that piconet 402 and 
normal communications continue. 

Figure 5 is a logic diagram illustrating operation according to tiie present invention. 
5 The logical operations described with refareuce to Figure 5 will include references to the 
devices of Figure 4. Operation commences wh«i a guest (wireless handset 430) is placed 
within close proximity of a master (computer 410), e.g., 1 meter (step 502). ^th the guest 
430 in close proximity to the master 410, a user of the guest 430 presses an authenticate 
button to initiate the joining of a piconet 402 serviced by the master 410 (step 504). The 

10 master 410 and the guest 430 Hiea enter a power down mode in which the transmit power of 
each device is reduced (step 506). The transmit power during the power down mode is such 
that devices outside of the proximate distance between the devices 410 and 430 cannot eaves 
drop upon the authentication operations unless they are also proximately located. Thus, 
during the power down mode operations, the guest 430 should not be proximately located to 

1 5 other master devices. 

Autheatication operations are then performed in the power down mode (step 508). If 
the au&entication operations are successful (as determined at step 510), nonnal power 
operations are resumed (step 512) and wireless communication operations are serviced until 
completion (step 514) at which point operation ends. If the authentication operations are not 

20 successful (as determined at step 510), operations end. After a successful authentication 
operation, confirmation of such success may be communicated to tiie user of the guest 430, 
e.g., the delivCTy of a distinctive tone to the user of the wireless headset 430. 

Figure 6 is a block diagram generally illustrating the stiucture of a wireless device 
constructed according to the present invention. The general structure of the wireless device 

25 600 will be present in any of the wireless devices illustrated in Figures 1-4, either master 
devices or slave devices. The wireless device 600 of Figure 6 implements the op^ations of 
Figure 5. The wireless device 600 includes a plurality of host device components 602 that 
service all requirements of the wireless device 600 except for the wireless requirraients of the 
wireless device 600. Of course, operations relating to the wireless communications of the 

30 wireless device 600 will be partially performed by the host device components 602. 

Coupled to the host device components 602 is a Radio Frequency (RF) interface 604. 
The RF interface 604 services the wireless communications of the host device 600 and 
includes an RF transmitter 606 and an RF receiver 608. The RF transmitter 606 and the RF 
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receiver 608 both couple to an antenna 610. The teachings of the present invention are 
embodied within the RF transmitter 606 of the RF interface 604 and are generally referred to 
as reduced power aufhmtication operations. During these operations, the transmit power of 
the RF transmitter 606 is reduced to effectively reduce the operating range of the RF interface 
5 604. During these reduced power opCTations, the operations of the RF receiver 608 may 
remain undianged. 
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CLAIMS 

1 . Iq the operation of a wireless network managed by a master device, a method 
for adding a new device to tiie wireless nrtwoik, the method comprising: 

selecting the master device of the wireless network for the purpose of requesting to 
5 join the wireless network; 

placing the new device a proximate distance from the master device of the wireless 
network, wherein the proximate distance between the master device and the new device is 
substantially less than the maximum operating range of the devices; 

sending a message from the new device to the master device, the message conveying 
10 a request from the new device to join the wireless network; 

reducing the radio frequency transmission power outputs of the new device and the 
master device to reduced power levels that are sufficient to maintain radio communications 
between the devices at the proximate distance; 

smding, from the new device to the master device at a reduced power level, a request 
15 to join the wireless network; 

auth^ticating the new device into the wireless netwoik; 

responding, by the master device to the new device at a reduced power level, that the 
new device has joined the wireless network; and 

increasing the radio frequency power outputs of the new device and the master device 
20 to normal power levels. 



2. The m^od of claim 1 , wherein: 

a plurality of oflier wireless networks provide overlq)ping coverage with the wireless 
netwoik; and 

25 reducing the radio frequency power outputs of the new device and the master device 

to a power level sufficient to maintain radio communications between tiie devices at the 
reduced distance prevents the request from being received by masters of the other wireless 
networks. 



30 3. The method of claim 1, wh^ein reducing the radio frequency power outputs 

of the new device and the master device to a power level sufficient to maintain radio 
communications between the devices at the reduced distance prevents the request from being 
intercepted by eavesdropping wireless networks. 

9 
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4, The method of claim 1, herein the wireless network operates according to 
the Bluetooth Specification. 

5 5. The method of claim 4, wherein: 

the wireless network is a piconet serviced by the master device; 
the piconet is one of a plurality of piconets that form a scattemet; and 
the piconet of tiie plurality of piconets that form the scattemet is selected by placing 
the new device within proximity of the master device. 

10 

6. The method of claim 1, wherein the reduced power level of the new device 
differs sligjitly from the reduced power level of the master device. 

7. The method of claim 1, wherein the new device has limited user interface 
IS capabilities. 

8. The method of claim 1, wherein: 

the new device has limited user interface c^abilities; and 

the new device indicates to its visex ttiat it has joined the wireless network. 

20 

9. A method for connecting a first device to a second device in a wireless 
network, the first and second devices being compatible and capable of forming a wireless 
network, and the wireless network operating within a particular geographic area, comprising 
the steps of: 

25 selecting the second device out of a plurality of compatible devices for the purpose of 

forming a wireless network; 

placing the first device a distance fi-om the second device, the distance between the 
devices beiag less than the normal operating range between the devices; 

receiving a command firom the user of the first device, to send a message to the 
30 second device, the message conveying a request ft^om the first device to the second device to 
form a wireless network; 

10 
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reducing the radio frequency power ou^uts of the first and the second devices to a 
power level sufficient to T T^fliTitain radio communications between the devices at the reduced 
distance; 

sending a message from the first device to the second device, requesting permission to 
5 form a wireless netwoik; 

processing at the second device, the request from the first device to form a wireless 

network; 

receiving at the second device, approval for the first and second devices to form a 
wireless network; 

1 0 authenticating the first device into a wireless network with the second device; and 

increasing the radio frequency power outputs of the first and second devices to noimal 
power levels. 

10. The method of claim 9, wherein: 

a plurality of other wireless networks provide overlapping coverage with the wireless 
IS netwoik; and 

reducing the radio fi^uency powor outputs of the first and the second devices to a 
power level sufficient to m^ititflin radio communications between the devices at the reduced 
distance prevents the request fix)m being received by masters of the other wireless networks. 

20 11- The method of claim 9, wherein reducing the radio finequency power outputs 

of the first and the second devices to a power level sufficient to maintain radio 
communications between the devices at the reduced distance prevents the request from being 
intercepted by eavesdropping wireless networks. 

25 12. The method of claim 9, wherein the wireless network operates according to 

the Bluetooth Specification. 

1 3 . The method of claim 1 2, wherein: 
the wireless network is a piconet serviced by the second device; 
30 the piconet is one of a plurality of piconets that form a scattemet; and 

the piconet of the plurality of piconets that form the scattemet is selected by placing 
the first device within proximity of the second device. 
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14. The mefliod of claim 9, wherein the reduced power level of the first device 
differs slightly fix)m the reduced power level of flie second device. 

15. The method of claim 9, wherem the first device has hmited user interface 
5 capabilities. 

1 6. The method of claim 9, wherein: 

the first device has limited user interface capabilities; and 

the first device indicates to its user that it has joined the wireless network. 

10 

17. In the operation of a wireless network managed by a master device, a method 
for adding a new device to the wireless network, the method comprising: 

selecting the master device of the wireless network for the purpose of requesting to 
joia the wireless network; 
IS placing the new device a proximate distance &om the master device of the wireless 

network, wherein the proximate distance between the master device and the new device is 
substantially less than the mflyimiim operating range of the devices, and wherein the new 
device has limited user inter&ce capabilities; 

receiving an indication fi:om the new version device that a corresponding user has 
20 depressed a user interface button of the version device; 

in response to the depression of the user interfiice button of the new version device, 
sending a message fix>m the new device to the master device, the message conveying a 
request firom the new device to join flie wireless network; 

reducing the radio fi-equency transmission power outputs of the new device and the 
25 master device to reduced power levels fliat are sufficient to maintain radio coromunications 
between the devices at the proximate distance; 

sending, fi^m the new device to the master device at a reduced power level, a request 
to join the wireless network; 

authenticating the new device into the wireless network; 
30 responding, by the master device to the new device at a reduced power level, that the 

new device has joined the wireless network; and 

increasing the radio fi:equency power outputs of the new device and the master device 
to normal power levels. 

12 
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1 8. The me&od of claim 1 7, whereiii: 

a plurality of other wireless networks provide overlapping coverage with the wireless 
network; and 

reducing the radio frequency power outputs of the new device and &e master device 
5 to a power level sufficient to tn^mt^in radio communications between the devices at the 
reduced distance prevents the request from being received by mastm of the other wireless 
networks. 

19. The method of claim 17, wherein reducing the radio frequency power outputs 
10 of the new device and the master device to a power level siififident to maintain radio 

communications between the devices at the reduced distance prevents the request from being 
intercq)ted by eavesdropping wireless networks. 

20. The method of claim 17, wherein the wireless network operates according to 
IS the Bluetooth Specification. 
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